DEVOPSdigest

ThreatX has extended its Runtime API and Application Protection (RAAP) offering to provide always-active API security from development to runtime, spanning vulnerability detection at Dev phase to protection at SecOps phase of the software lifecycle.

By combining runtime detection and dynamic scanning with protection, ThreatX’s RAAP solution empowers DevSecOps to detect and remediate vulnerabilities earlier, while protecting vulnerable APIs – all within one platform. Leveraging extended Berkeley Packet Filter (eBPF) technology, RAAP enables real-time, persistent observability into API/App architecture, traffic data exchanges, vulnerabilities, and threats (including zero-day attacks). It endlessly observes application/API security posture, east-west and north-south, so that vulnerabilities and attacks cannot take place unnoticed from development to production environments, thus fostering collaboration between DevOps and Sec teams through a unified platform. The latest Always-Active API Security capabilities enable Dev to remediate vulnerabilities early and Sec to protect what has not been remediated.

“The CISOs I speak to consistently emphasize the need for a solution that combines the functionalities of WAF, RASP, and DAST or SAST, rather than having multiple standalone AppSec tools. Having the ability to consolidate all these functions into one platform will decrease operational burden, reduce complexity, and foster collaboration between DevOps and security teams,” said Gene Fay, CEO at ThreatX. “We are excited to provide these unified runtime and dynamic API testing capabilities by extending ThreatX’s RAAP offering, enabling DevSecOps to remediate vulnerabilities like never before.”

ThreatX RAAP is easily deployed as a sidecar container within a Kubernetes (K8) environment without requiring an in-line deployment. It may be installed as a standalone solution or coupled with the ThreatX API & Application Protection – Edge solution.